Changeset: f4e5c2b3b9a4 for MonetDB URL: https://dev.monetdb.org/hg/MonetDB?cmd=changeset;node=f4e5c2b3b9a4 Modified Files: clients/mapiclient/mclient.c clients/mapilib/mapi.c clients/odbc/driver/ODBCUtil.c gdk/gdk_bbp.c gdk/gdk_utils.c geom/monetdb5/geom.c Branch: Oct2020 Log Message:
Prefer snprintf (with correct size!) over sprintf. diffs (truncated from 439 to 300 lines):
diff --git a/clients/mapiclient/mclient.c b/clients/mapiclient/mclient.c
--- a/clients/mapiclient/mclient.c
+++ b/clients/mapiclient/mclient.c
@@ -77,7 +77,7 @@ static char *encoding;
 static bool errseen = false;
 static bool allow_remote = false;
-#define setPrompt() sprintf(promptbuf, "%.*s>", (int) sizeof(promptbuf) - 2, language)
+#define setPrompt() snprintf(promptbuf, sizeof(promptbuf), "%.*s>", (int) sizeof(promptbuf) - 2, language)
 #define debugMode() (strncmp(promptbuf, "mdb", 3) == 0)
 /* the internal result set formatters */
@@ -335,7 +335,7 @@ fetch_line(MapiHdl hdl)
 if (strncmp(reply, "mdb>#EOD", 8) == 0)
 setPrompt();
 else
- sprintf(promptbuf, "mdb>");
+ snprintf(promptbuf, sizeof(promptbuf), "mdb>");
 }
 return reply;
 }
@@ -1352,7 +1352,7 @@ SQLdebugRendering(MapiHdl hdl)
 char *reply;
 int cnt = 0;
- sprintf(promptbuf, "mdb>");
+ snprintf(promptbuf, sizeof(promptbuf), "mdb>");
 while ((reply = fetch_line(hdl))) {
 cnt++;
 mnstr_printf(toConsole, "%s\n", reply);
diff --git a/clients/mapilib/mapi.c b/clients/mapilib/mapi.c
--- a/clients/mapilib/mapi.c
+++ b/clients/mapilib/mapi.c
@@ -3403,55 +3403,55 @@ mapi_param_store(MapiHdl hdl)
 switch (hdl->params[i].intype) {
 case MAPI_TINY:
 checkSpace(5);
- sprintf(hdl->query + k, "%hhd", *(signed char *) src);
+ snprintf(hdl->query + k, lim - k, "%hhd", *(signed char *) src);
 break;
 case MAPI_UTINY:
 checkSpace(5);
- sprintf(hdl->query + k, "%hhu", *(unsigned char *) src);
+ snprintf(hdl->query + k, lim - k, "%hhu", *(unsigned char *) src);
 break;
 case MAPI_SHORT:
 checkSpace(10);
- sprintf(hdl->query + k, "%hd", *(short *) src);
+ snprintf(hdl->query + k, lim - k, "%hd", *(short *) src);
 break;
 case MAPI_USHORT:
 checkSpace(10);
- sprintf(hdl->query + k, "%hu", *(unsigned short *) src);
+ snprintf(hdl->query + k, lim - k, "%hu", *(unsigned short *) src);
 break;
 case MAPI_INT:
 checkSpace(20);
- sprintf(hdl->query + k, "%d", *(int *) src);
+ snprintf(hdl->query + k, lim - k, "%d", *(int *) src);
 break;
 case MAPI_UINT:
 checkSpace(20);
- sprintf(hdl->query + k, "%u", *(unsigned int *) src);
+ snprintf(hdl->query + k, lim - k, "%u", *(unsigned int *) src);
 break;
 case MAPI_LONG:
 checkSpace(20);
- sprintf(hdl->query + k, "%ld", *(long *) src);
+ snprintf(hdl->query + k, lim - k, "%ld", *(long *) src);
 break;
 case MAPI_ULONG:
 checkSpace(20);
- sprintf(hdl->query + k, "%lu", *(unsigned long *) src);
+ snprintf(hdl->query + k, lim - k, "%lu", *(unsigned long *) src);
 break;
 case MAPI_LONGLONG:
 checkSpace(30);
- sprintf(hdl->query + k, "%"PRId64, *(int64_t *) src);
+ snprintf(hdl->query + k, lim - k, "%"PRId64, *(int64_t *) src);
 break;
 case MAPI_ULONGLONG:
 checkSpace(30);
- sprintf(hdl->query + k, "%"PRIu64, *(uint64_t *) src);
+ snprintf(hdl->query + k, lim - k, "%"PRIu64, *(uint64_t *) src);
 break;
 case MAPI_FLOAT:
 checkSpace(30);
- sprintf(hdl->query + k, "%.9g", *(float *) src);
+ snprintf(hdl->query + k, lim - k, "%.9g", *(float *) src);
 break;
 case MAPI_DOUBLE:
 checkSpace(30);
- sprintf(hdl->query + k, "%.17g", *(double *) src);
+ snprintf(hdl->query + k, lim - k, "%.17g", *(double *) src);
 break;
 case MAPI_DATE:
 checkSpace(50);
- sprintf(hdl->query + k,
+ snprintf(hdl->query + k, lim - k,
 "DATE '%04hd-%02hu-%02hu'",
 ((MapiDate *) src)->year,
 ((MapiDate *) src)->month,
@@ -3459,7 +3459,7 @@ mapi_param_store(MapiHdl hdl)
 break;
 case MAPI_TIME:
 checkSpace(60);
- sprintf(hdl->query + k,
+ snprintf(hdl->query + k, lim - k,
 "TIME '%02hu:%02hu:%02hu'",
 ((MapiTime *) src)->hour,
 ((MapiTime *) src)->minute,
@@ -3467,7 +3467,7 @@ mapi_param_store(MapiHdl hdl)
 break;
 case MAPI_DATETIME:
 checkSpace(110);
- sprintf(hdl->query + k,
+ snprintf(hdl->query + k, lim - k,
 "TIMESTAMP '%04hd-%02hu-%02hu %02hu:%02hu:%02hu.%09u'",
 ((MapiDateTime *) src)->year,
 ((MapiDateTime *) src)->month,
@@ -3493,7 +3493,7 @@ mapi_param_store(MapiHdl hdl)
 }
 hdl->query = q;
 }
- sprintf(hdl->query + k, "'%s'", val);
+ snprintf(hdl->query + k, lim - k, "'%s'", val);
 free(val);
 break;
 case MAPI_VARCHAR:
@@ -3510,11 +3510,11 @@ mapi_param_store(MapiHdl hdl)
 }
 hdl->query = q;
 }
- sprintf(hdl->query + k, "'%s'", val);
+ snprintf(hdl->query + k, lim - k, "'%s'", val);
 free(val);
 break;
 default:
- strcpy(hdl->query + k, src);
+ strcpy_len(hdl->query + k, src, lim - k);
 break;
 }
 }
diff --git a/clients/odbc/driver/ODBCUtil.c b/clients/odbc/driver/ODBCUtil.c
--- a/clients/odbc/driver/ODBCUtil.c
+++ b/clients/odbc/driver/ODBCUtil.c
@@ -942,12 +942,13 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 }
 n = (int) (q - nquery);
 pr = (int) (p - q);
- q = malloc(length - pr + strlen(buf) + 1);
+ length += strlen(buf) + 1 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*s%s%s", n, nquery, buf, p);
+ length = (size_t) snprintf(q, length, "%.*s%s%s", n, nquery, buf, p);
 free(nquery);
 nquery = q;
 q += n;
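Review bot: Every `snprintf` added to this switch in mapi_param_store (hunk at -3403, and likewise at -3459, -3467, -3493 and -3510) discards its return value, so output that does not fit in `lim - k` is now truncated silently and the statement sent is no longer the one the caller bound; in the `'%s'` cases the closing quote is what gets cut. Whether that can happen depends on `checkSpace` and the reallocation code, both defined outside the hunks; note that `%ld` and `%lu` can print 20 characters where `long` is 64 bits, while the reservation is `checkSpace(20)`. I would keep the result, e.g. `int n = snprintf(hdl->query + k, lim - k, "%ld", *(long *) src);`, and take the function's error path when `n < 0 || (size_t) n >= lim - k`. The switch starts in this hunk but the function body extends beyond it.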
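Review bot: The `default:` case in the mapi.c hunk at -3510 copies `src` with `strcpy_len(hdl->query + k, src, lim - k)` but, unlike the cases above it, nothing visible reserves room first, so the old overflow becomes a silent truncation of the parameter text inside the query. The return value is dropped as well; assuming `strcpy_len` reports the source length the way strlcpy-style helpers do, comparing it with `lim - k` would detect the cut. I would grow the buffer before the copy as the string cases do (their reallocation ends in `hdl->query = q;`), or fail the call when the result is `>= lim - k`.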
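Review bot: `length = (size_t) snprintf(q, length, ...)` in ODBCTranslateSQL stores the return value unchecked, here at -942 and in the same pattern at -982, -1002, -1024, -1053, -1090, -1149 and -1262. A negative return becomes a huge `size_t`, and on truncation snprintf returns the length it wanted to write, so `length` would exceed the real string in `q` and every later `length += ... - pr` would start from a wrong base. `length` also changes meaning within a few lines: buffer size including the terminator before the call, string length after it. A separate size variable plus a check keeps both honest: `int r = snprintf(q, size, "%.*s%s%s", n, nquery, buf, p);` then `if (r < 0 || (size_t) r >= size) { free(q); free(nquery); return NULL; }`. The function starts and ends outside these hunks.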
@@ -982,12 +983,13 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 }
 n = (int) (q - nquery);
 pr = (int) (p - q);
- q = malloc(length - pr + strlen(buf) + 1);
+ length += strlen(buf) + 1 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*s%s%s", n, nquery, buf, p);
+ length = (size_t) snprintf(q, length, "%.*s%s%s", n, nquery, buf, p);
 free(nquery);
 nquery = q;
 q += n;
@@ -1002,12 +1004,13 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 "DATE '%04u-%02u-%02u'", yr, mt, dy);
 n = (int) (q - nquery);
 pr = (int) (p - q);
- q = malloc(length - pr + strlen(buf) + 1);
+ length += strlen(buf) + 1 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*s%s%s", n, nquery, buf, p);
+ length = (size_t) snprintf(q, length, "%.*s%s%s", n, nquery, buf, p);
 free(nquery);
 nquery = q;
 q += n;
@@ -1024,12 +1027,13 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 p++;
 n = (int) (q - nquery);
 pr = (int) (p - q);
- q = malloc(length - pr + intvl + 1);
+ length += intvl + 1 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*s%.*s%s", n, nquery, (int) intvl, intv, p);
+ length = (size_t) snprintf(q, length, "%.*s%.*s%s", n, nquery, (int) intvl, intv, p);
 free(nquery);
 nquery = q;
 q += n;
@@ -1053,12 +1057,13 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 u.d4[3], u.d4[4], u.d4[5], u.d4[6], u.d4[7]);
 n = (int) (q - nquery);
 pr = (int) (p - q);
- q = malloc(length - pr + strlen(buf) + 1);
+ length += strlen(buf) + 1 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*s%s%s", n, nquery, buf, p);
+ length = (size_t) snprintf(q, length, "%.*s%s%s", n, nquery, buf, p);
 free(nquery);
 nquery = q;
 q += n;
@@ -1090,20 +1095,21 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 continue;
 n = (int) (q - nquery);
 pr = (int) (p - q);
- q = malloc(length - pr + 13 + 1);
+ length += 13 + 1 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
 switch (esc) {
 case '\'':
- length = (size_t) sprintf(q, "%.*s ESCAPE '''' %s", n, nquery, p);
+ length = (size_t) snprintf(q, length, "%.*s ESCAPE '''' %s", n, nquery, p);
 break;
 case '\\':
- length = (size_t) sprintf(q, "%.*s ESCAPE r'\\' %s", n, nquery, p);
+ length = (size_t) snprintf(q, length, "%.*s ESCAPE r'\\' %s", n, nquery, p);
 break;
 default:
- length = (size_t) sprintf(q, "%.*s ESCAPE '%c' %s", n, nquery, esc, p);
+ length = (size_t) snprintf(q, length, "%.*s ESCAPE '%c' %s", n, nquery, esc, p);
 break;
 }
 free(nquery);
@@ -1149,12 +1155,13 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 p++;
 n = (int) (q - nquery);
 pr = (int) (p - q);
- q = malloc(length - pr + (procend - proc) + 6);
+ length += (procend - proc) + 6 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*scall %.*s%s", n, nquery, (int) (procend - proc), proc, p);
+ length = (size_t) snprintf(q, length, "%.*scall %.*s%s", n, nquery, (int) (procend - proc), proc, p);
 free(nquery);
 nquery = q;
 q += n;
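Review bot: The `13` in `length += 13 + 1 - pr;` (hunk at -1090) is unexplained, and it is now the only thing that keeps the three `snprintf` calls in the switch below it from truncating. It matches the longest inserted text: the quote and backslash forms each add 13 characters, the `'%c'` form adds 12, and the extra 1 is the terminator. I would add `/* 13: longest of the " ESCAPE ... " forms below; +1 for NUL */` above the line so that any later change to a format string is checked against the size.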
@@ -1262,22 +1269,24 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 nquery = q;
 q += n;
 } else if (strcmp(func->name, "user") == 0) {
- q = malloc(length - pr + (dbc->Connected && dbc->uid ? strlen(dbc->uid) : 0) + 3);
+ length += (dbc->Connected && dbc->uid ? strlen(dbc->uid) : 0) + 3 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*s'%s'%s", n, nquery, dbc->Connected && dbc->uid ? dbc->uid : "", p);
+ length = (size_t) snprintf(q, length, "%.*s'%s'%s", n, nquery, dbc->Connected && dbc->uid ? dbc->uid : "", p);
 free(nquery);
 nquery = q;
 q += n;
 } else if (strcmp(func->name, "database") == 0) {
- q = malloc(length - pr + (dbc->Connected && dbc->dbname ? strlen(dbc->dbname) : 0) + 3);
+ length += (dbc->Connected && dbc->dbname ? strlen(dbc->dbname) : 0) + 3 - pr;
+ q = malloc(length);
 if (q == NULL) {
 free(nquery);
 return NULL;
 }
- length = (size_t) sprintf(q, "%.*s'%s'%s", n, nquery, dbc->Connected && dbc->dbname ? dbc->dbname : "", p);
+ length = (size_t) snprintf(q, length, "%.*s'%s'%s", n, nquery, dbc->Connected && dbc->dbname ? dbc->dbname : "", p);
 free(nquery);
 nquery = q;
 q += n;
@@ -1287,7 +1296,8 @@ ODBCTranslateSQL(ODBCDbc *dbc, const SQL
 if (strncasecmp(c->odbc, args[1].argstart, args[1].arglen) == 0 && c->odbc[args[1].arglen] == 0) {
_______________________________________________ checkin-list mailing list checkin-list@monetdb.org https://www.monetdb.org/mailman/listinfo/checkin-list
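Review bot: In the `user` and `database` branches (hunk at -1262) `dbc->uid` and `dbc->dbname` are placed between single quotes by `'%s'` with no escaping, so a quote character in either value would close the literal early in the translated statement. The size arithmetic (`strlen(...) + 3`) assumes the text is copied verbatim, so an escaping fix also needs the allocation computed from the escaped length. Whether these fields can contain a quote depends on how the connection code fills them, which is not visible here. The enclosing if/else chain starts before the hunk.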